CVE-2016-0109 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Explorer
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer19 documents4 sources
Severity
7.5HIGHNVD
EPSS
27.1%
top 3.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 9
Latest updateMay 14
Description
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, and CVE-2016-0114.
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9
Affected Packages1 packages
🔴Vulnerability Details
12GHSA▶
GHSA-cc97-x939-8gg9: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web si↗2022-05-14
GHSA▶
GHSA-4r57-vqx3-mm6g: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web si↗2022-05-14
GHSA▶
GHSA-x92p-v52m-p9hc: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web si↗2022-05-14
GHSA▶
GHSA-643x-cvhc-f7jf: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web si↗2022-05-14
GHSA▶
GHSA-2rmm-r7j4-mw6g: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) vi↗2022-05-14